osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
wireshark/packet.h

513 lines
17 KiB
C
Raw Normal View History

Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/* packet.h
* Definitions for packet disassembly structures and routines
*
Re-arranged Ethereal's definitions of DLT_RAW et al. since capture.c is the only file that uses them. I hope to avoid some compiler warnings with this. svn path=/trunk/; revision=512
1999-08-18 16:28:22 +00:00
* $Id: packet.h,v 1.85 1999/08/18 16:28:22 gram Exp $
Added ID tags to the beginning of each source file. svn path=/trunk/; revision=7
1998-09-16 03:22:19 +00:00
*
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@zing.org>
* Copyright 1998 Gerald Combs
*
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifndef __PACKET_H__
#define __PACKET_H__
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
#ifndef __PROTO_H__
#include "proto.h"
#endif
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
* byte array, returns the value of the two or four bytes at the pointer.
* OSPF alignment fixes (Gerald) * FDDI support (Laurent, Guy) svn path=/trunk/; revision=36
1998-10-10 03:32:20 +00:00
* The pletoh[sl] versions return the little-endian representation.
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
*/
* OSPF alignment fixes (Gerald) * FDDI support (Laurent, Guy) svn path=/trunk/; revision=36
1998-10-10 03:32:20 +00:00
#define pntohs(p) ((guint16) \
((guint16)*((guint8 *)p+0)<<8| \
(guint16)*((guint8 *)p+1)<<0))
#define pntohl(p) ((guint32)*((guint8 *)p+0)<<24| \
(guint32)*((guint8 *)p+1)<<16| \
(guint32)*((guint8 *)p+2)<<8| \
(guint32)*((guint8 *)p+3)<<0)
#define pletohs(p) ((guint16) \
((guint16)*((guint8 *)p+1)<<8| \
(guint16)*((guint8 *)p+0)<<0))
#define pletohl(p) ((guint32)*((guint8 *)p+3)<<24| \
(guint32)*((guint8 *)p+2)<<16| \
(guint32)*((guint8 *)p+1)<<8| \
(guint32)*((guint8 *)p+0)<<0)
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
I removed the bit-fields that depended upon gcc's ability to use any type of variable as a bit field container. ANSI specs only allow unsigned ints to host bit fields; IBM's C compiler is very ANSI-strict. svn path=/trunk/; revision=183
1999-02-08 20:02:35 +00:00
#define hi_nibble(b) ((b & 0xf0) >> 4)
#define lo_nibble(b) (b & 0x0f)
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
/* Byte ordering */
#ifndef BYTE_ORDER
#define LITTLE_ENDIAN 4321
#define BIG_ENDIAN 1234
#ifdef WORDS_BIGENDIAN
#define BYTE_ORDER BIG_ENDIAN
#else
#define BYTE_ORDER LITTLE_ENDIAN
#endif
#endif
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
/* Useful when you have an array whose size you can tell at compile-time */
#define array_length(x) (sizeof x / sizeof x[0])
I removed the ncp code from packet-ipx.c and created packet-ncp.c. Now that I've started concentrating on the NetWare modules again, packet-ncp.c is going to start to grow. I also added IPX RIP to packet-ipx.c. Additionally, I added the END_OF_FRAME macro to packet.h, which is useful for many dissect() routines. (and I already modified packet-bootp.c and packet-data.c to use this macro) svn path=/trunk/; revision=22
1998-09-23 05:25:12 +00:00
/* Useful when highlighting regions inside a dissect_*() function. With this
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
* macro, you can highlight from an arbitrary offset to the end of the
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
* packet (which may come before the end of the frame).
* See dissect_data() for an example.
I removed the ncp code from packet-ipx.c and created packet-ncp.c. Now that I've started concentrating on the NetWare modules again, packet-ncp.c is going to start to grow. I also added IPX RIP to packet-ipx.c. Additionally, I added the END_OF_FRAME macro to packet.h, which is useful for many dissect() routines. (and I already modified packet-bootp.c and packet-data.c to use this macro) svn path=/trunk/; revision=22
1998-09-23 05:25:12 +00:00
*/
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
#define END_OF_FRAME (pi.captured_len - offset)
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
/* To pass one of two strings, singular or plural */
#define plurality(d,s,p) ((d) == 1 ? (s) : (p))
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
* Added column formatting functionality. * Added check_col(), add_col_str() and add_col_fmt() to replace references to ft->win_info. * Added column prefs handling code. svn path=/trunk/; revision=97
1998-11-17 04:29:13 +00:00
typedef struct _column_info {
Have: COL_INFO columns resize automatically even during a live capture; columns showing network addresses never resize automatically; other columns resize only when a capture is done; and make all columns resizeable by hand (once they've resized, for auto-resizeable columns). svn path=/trunk/; revision=394
1999-07-28 03:29:02 +00:00
gint num_cols; /* Number of columns */
gint *col_fmt; /* Format of column */
gboolean **fmt_matx; /* Specifies which formats apply to a column */
gint *col_width; /* Column widths to use during a "-S" capture */
gchar **col_data; /* Column data */
* Added column formatting functionality. * Added check_col(), add_col_str() and add_col_fmt() to replace references to ft->win_info. * Added column prefs handling code. svn path=/trunk/; revision=97
1998-11-17 04:29:13 +00:00
} column_info;
#define COL_MAX_LEN 256
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
typedef struct _packet_counts {
gint tcp;
gint udp;
Add ICMP to the set of packet types counted in the window shown while a capture is in progress. svn path=/trunk/; revision=491
1999-08-14 23:47:20 +00:00
gint icmp;
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
gint ospf;
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
gint gre;
Jeff Foster's changes to add support for NetBEUI/NBF (NetBIOS atop 802.2 LLC, the original NetBIOS encapsulation). svn path=/trunk/; revision=466
1999-08-10 20:06:39 +00:00
gint netbios;
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
gint other;
gint total;
} packet_counts;
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
typedef struct _frame_data {
Building a GList by adding elements to the end with "g_list_append()" is N^2 in the ultimate size of the list (as "g_list_append()" is linear in the size of the list, at least when used in the way the GLib documentation says to use it); instead, maintain our own linked list of "frame_data" structures for all packets read, including a pointer to the last element. "gtk_clist_set_row_data()" is linear in the row number, so if it's used to attach a pointer to the "frame_data" structure for a packet to the packet list GtkClist row for each packet, that's also N^2 in the number of packets in that packet list; instead, store the row number in the "frame_data" structure, and find the packet for a given row by scanning the list for it (we were already scanning the list linearly to find that packet's index in the list of all packets; that's only done when a packet's selected, so it's not *too* bad, but it might be nice to avoid having to do that scan). svn path=/trunk/; revision=457
1999-08-10 04:13:37 +00:00
struct _frame_data *next; /* Next element in list */
* Added Joerg Mayer's Vines patch * Added Joerg to the AUTHORS file * Added Guy's bitfield decode patch * Fixed time output svn path=/trunk/; revision=142
1998-12-29 04:05:38 +00:00
guint32 pkt_len; /* Packet length */
guint32 cap_len; /* Amount actually captured */
guint32 rel_secs; /* Relative seconds */
guint32 rel_usecs; /* Relative microseconds */
guint32 abs_secs; /* Absolute seconds */
guint32 abs_usecs; /* Absolute microseconds */
guint32 del_secs; /* Delta seconds */
guint32 del_usecs; /* Delta microseconds */
long file_off; /* File offset */
column_info *cinfo; /* Column formatting information */
Building a GList by adding elements to the end with "g_list_append()" is N^2 in the ultimate size of the list (as "g_list_append()" is linear in the size of the list, at least when used in the way the GLib documentation says to use it); instead, maintain our own linked list of "frame_data" structures for all packets read, including a pointer to the last element. "gtk_clist_set_row_data()" is linear in the row number, so if it's used to attach a pointer to the "frame_data" structure for a packet to the packet list GtkClist row for each packet, that's also N^2 in the number of packets in that packet list; instead, store the row number in the "frame_data" structure, and find the packet for a given row by scanning the list for it (we were already scanning the list linearly to find that packet's index in the list of all packets; that's only done when a packet's selected, so it's not *too* bad, but it might be nice to avoid having to do that scan). svn path=/trunk/; revision=457
1999-08-10 04:13:37 +00:00
gint row; /* Row number for this packet in the display */
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
int lnk_t; /* Per-packet encapsulation/data-link type */
gboolean passed_dfilter; /* TRUE = display, FALSE = no display */
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
guint8 flags; /* for ENCAP_LAPB : 1st bit means From DCE */
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
} frame_data;
* Added Mike Hall's TCP reconstruction code. svn path=/trunk/; revision=10
1998-09-17 03:12:28 +00:00
typedef struct _packet_info {
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
int len;
int captured_len;
Make unsigned the members of a "packet_info" structure that store IP addresses, IP protocols, and TCP/UDP port numbers (as those are unsigned). svn path=/trunk/; revision=411
1999-07-31 18:18:43 +00:00
guint32 ip_src;
guint32 ip_dst;
guint32 ipproto;
guint32 srcport;
guint32 destport;
guint32 match_port;
* Added Mike Hall's TCP reconstruction code. svn path=/trunk/; revision=10
1998-09-17 03:12:28 +00:00
int iplen;
int iphdrlen;
} packet_info;
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
extern packet_info pi;
* OSPF alignment fixes (Gerald) * FDDI support (Laurent, Guy) svn path=/trunk/; revision=36
1998-10-10 03:32:20 +00:00
/* Struct for the match_strval function */
typedef struct _value_string {
guint32 value;
gchar *strptr;
} value_string;
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
/* Many of the structs and definitions below and in packet-*.c files
* were taken from include files in the Linux distribution. */
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
FTP, POP, and Telnet support from Richard Sharpe. svn path=/trunk/; revision=237
1999-04-05 21:54:41 +00:00
typedef struct tcp_extra_data {
int match_port;
int sport;
int dport;
} tcp_extra_data;
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/* Tree types. Each dissect_* routine should have one for each
add_subtree() call. */
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
enum {
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_NONE,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_FRAME,
ETT_IEEE8023,
ETT_ETHER2,
ETT_LLC,
ETT_TOKEN_RING,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_TOKEN_RING_AC,
ETT_TOKEN_RING_FC,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_TR_IERR_CNT,
ETT_TR_NERR_CNT,
ETT_TR_MAC,
ETT_PPP,
ETT_ARP,
ETT_FDDI,
ETT_NULL,
ETT_IP,
ETT_IP_OPTIONS,
ETT_IP_OPTION_SEC,
ETT_IP_OPTION_ROUTE,
ETT_IP_OPTION_TIMESTAMP,
* Added Joerg Mayer's Vines patch * Added Joerg to the AUTHORS file * Added Guy's bitfield decode patch * Fixed time output svn path=/trunk/; revision=142
1998-12-29 04:05:38 +00:00
ETT_IP_TOS,
ETT_IP_OFF,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_UDP,
ETT_TCP,
ETT_TCP_OPTIONS,
ETT_TCP_OPTION_SACK,
* Added Joerg Mayer's Vines patch * Added Joerg to the AUTHORS file * Added Guy's bitfield decode patch * Fixed time output svn path=/trunk/; revision=142
1998-12-29 04:05:38 +00:00
ETT_TCP_FLAGS,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_ICMP,
ETT_IGMP,
ETT_IPX,
ETT_SPX,
ETT_NCP,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_NCP_REQUEST_FIELDS,
ETT_NCP_REPLY_FIELDS,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_DNS,
Decode the word containing the opcode, flags, reply code, etc. in DNS and NBNS requests. Put the opcode in the COL_INFO field for DNS requests (it was already there for NBNS requests). Don't assume a DNS or NBNS request is neatly aligned on a 2-byte boundary (it might not be if, for example, the packet is an FDDI packet). svn path=/trunk/; revision=153
1999-01-04 09:13:46 +00:00
ETT_DNS_FLAGS,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_DNS_QRY,
Show queries as a summary line (as was the case before my DNS checkins) which can be expanded into a detailed name/type/class description. svn path=/trunk/; revision=58
1998-10-15 06:40:51 +00:00
ETT_DNS_QD,
ETT_DNS_ANS,
Tag NetBIOS Name Service-over-UDP packets as "NBNS (UDP)". Give a detailed display of the innards of NBNS-over-UDP packets. Export some stuff from the DNS decoder for the use of the NBNS decoder (NBNS is DNS-like). Give a more detailed display of the innards of DNS packets as well. Fix a couple of minor NBNS bugs. svn path=/trunk/; revision=55
1998-10-14 19:35:00 +00:00
ETT_DNS_RR,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_ISAKMP,
ETT_ISAKMP_FLAGS,
ETT_ISAKMP_PAYLOAD,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_RIP,
ETT_RIP_VEC,
ETT_OSPF,
ETT_OSPF_HDR,
ETT_OSPF_HELLO,
ETT_OSPF_DESC,
ETT_OSPF_LSR,
ETT_OSPF_LSA_UPD,
ETT_OSPF_LSA,
ETT_LPD,
ETT_RAW,
Patches from Thierry Andry to support Classical IP captures from systems with the ATM on Linux software from <http://lrcwww.epfl.ch/linux-atm/>. svn path=/trunk/; revision=401
1999-07-28 23:16:42 +00:00
ETT_CLIP,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_BOOTP,
ETT_BOOTP_OPTION,
ETT_IPv6,
ETT_CLNP,
ETT_COTP,
* Added Joerg Mayer's Vines patch * Added Joerg to the AUTHORS file * Added Guy's bitfield decode patch * Fixed time output svn path=/trunk/; revision=142
1998-12-29 04:05:38 +00:00
ETT_VINES_FRP,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_VINES,
* Added Joerg Mayer's Vines patch * Added Joerg to the AUTHORS file * Added Guy's bitfield decode patch * Fixed time output svn path=/trunk/; revision=142
1998-12-29 04:05:38 +00:00
ETT_VINES_ARP,
ETT_VINES_ICP,
ETT_VINES_IPC,
ETT_VINES_RTP,
ETT_VINES_SPP,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
ETT_IPXRIP,
ETT_IPXSAP,
ETT_IPXSAP_SERVER,
Added preliminary support for NetBIOS Name Services over IPX and UDP. Note that these are two very different implementations of NetBIOS name services and at the protocol level are not similar. I have put the UDP protocol in packet-nbns.c, since it will be a very big module. I have all of rfc 1002 to read and implement. I am planning on putting many different NetBIOS over IPX functions in packet-nbipx.c, however, since there is no RFC or published standard. I have to hack the protocol, and as such, I do not expect it to be as full-featured as the IP-world equivalents. svn path=/trunk/; revision=50
1998-10-14 04:09:15 +00:00
ETT_NBNS,
Decode the word containing the opcode, flags, reply code, etc. in DNS and NBNS requests. Put the opcode in the COL_INFO field for DNS requests (it was already there for NBNS requests). Don't assume a DNS or NBNS request is neatly aligned on a 2-byte boundary (it might not be if, for example, the packet is an FDDI packet). svn path=/trunk/; revision=153
1999-01-04 09:13:46 +00:00
ETT_NBNS_FLAGS,
Decode the various flag fields in resource records in NBNS replies. svn path=/trunk/; revision=159
1999-01-05 08:48:40 +00:00
ETT_NBNS_NB_FLAGS,
ETT_NBNS_NAME_FLAGS,
Tag NetBIOS Name Service-over-UDP packets as "NBNS (UDP)". Give a detailed display of the innards of NBNS-over-UDP packets. Export some stuff from the DNS decoder for the use of the NBNS decoder (NBNS is DNS-like). Give a more detailed display of the innards of DNS packets as well. Fix a couple of minor NBNS bugs. svn path=/trunk/; revision=55
1998-10-14 19:35:00 +00:00
ETT_NBNS_QRY,
Show queries as a summary line (as was the case before my DNS checkins) which can be expanded into a detailed name/type/class description. svn path=/trunk/; revision=58
1998-10-15 06:40:51 +00:00
ETT_NBNS_QD,
Jeff Foster's changes to add support for NetBEUI/NBF (NetBIOS atop 802.2 LLC, the original NetBIOS encapsulation). svn path=/trunk/; revision=466
1999-08-10 20:06:39 +00:00
ETT_NETB,
ETT_NETB_FLAGS,
ETT_NETB_NAME,
Show queries as a summary line (as was the case before my DNS checkins) which can be expanded into a detailed name/type/class description. svn path=/trunk/; revision=58
1998-10-15 06:40:51 +00:00
ETT_NBNS_ANS,
Tag NetBIOS Name Service-over-UDP packets as "NBNS (UDP)". Give a detailed display of the innards of NBNS-over-UDP packets. Export some stuff from the DNS decoder for the use of the NBNS decoder (NBNS is DNS-like). Give a more detailed display of the innards of DNS packets as well. Fix a couple of minor NBNS bugs. svn path=/trunk/; revision=55
1998-10-14 19:35:00 +00:00
ETT_NBNS_RR,
Added preliminary support for NetBIOS Name Services over IPX and UDP. Note that these are two very different implementations of NetBIOS name services and at the protocol level are not similar. I have put the UDP protocol in packet-nbns.c, since it will be a very big module. I have all of rfc 1002 to read and implement. I am planning on putting many different NetBIOS over IPX functions in packet-nbipx.c, however, since there is no RFC or published standard. I have to hack the protocol, and as such, I do not expect it to be as full-featured as the IP-world equivalents. svn path=/trunk/; revision=50
1998-10-14 04:09:15 +00:00
ETT_NBIPX,
* Copied in the correct GNU license (I'm such a goober) * Hacks to the filter interface (Gerald) * About box (Laurent) * AppleTalk support (Simon) * Mods to the match_strval routine (Gerald) svn path=/trunk/; revision=61
1998-10-16 01:18:35 +00:00
ETT_AARP,
Added NetBIOS Datagram (over UDP) support. svn path=/trunk/; revision=113
1998-11-20 05:58:42 +00:00
ETT_GIOP,
ETT_NBDGM,
Added "Cisco Discovery Protocol" Hooks Added Ethernet Loopback Protocol Type to ethertype.c svn path=/trunk/; revision=129
1998-12-19 00:12:23 +00:00
ETT_CDP,
Add a first cut at HTTP decoding. svn path=/trunk/; revision=187
1999-02-12 09:03:42 +00:00
ETT_HTTP,
Added Richard Sharpe's TFTP support. svn path=/trunk/; revision=190
1999-02-15 06:36:57 +00:00
ETT_TFTP,
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
ETT_AH,
ETT_ESP,
ETT_ICMPv6,
ETT_ICMPv6OPT,
ETT_ICMPv6FLAG,
FTP, POP, and Telnet support from Richard Sharpe. svn path=/trunk/; revision=237
1999-04-05 21:54:41 +00:00
ETT_POP,
ETT_FTP,
ETT_TELNET,
ETT_TELNET_SUBOPT,
Add NNTP support. svn path=/trunk/; revision=241
1999-04-06 02:02:12 +00:00
ETT_NNTP,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_SNMP,
Add support for the NetBIOS Session Service. Improve the descriptions of the NetBIOS Name Service errors a bit. svn path=/trunk/; revision=247
1999-04-30 03:16:03 +00:00
ETT_NBSS,
ETT_NBSS_FLAGS,
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
ETT_SMB,
ETT_SMB_FLAGS,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_SMB_FLAGS2,
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
ETT_SMB_DIALECTS,
ETT_SMB_MODE,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_SMB_CAPABILITIES,
Mode decoded SMBs ... Now decode part of a TCONX request, but not the responses, and do not handle the ANDX part yet, but I have a Linux course to develop, so that is enough for now. svn path=/trunk/; revision=261
1999-05-10 00:27:32 +00:00
ETT_SMB_RAWMODE,
ETT_SMB_AFLAGS,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
ETT_SMB_DESIREDACCESS,
ETT_SMB_SEARCH,
ETT_SMB_FILE,
ETT_SMB_OPENFUNCTION,
ETT_SMB_FILEATTRIBUTES,
ETT_SMB_FILETYPE,
ETT_SMB_ACTION,
ETT_PPTP,
ETT_GRE,
ETT_GRE_FLAGS,
ETT_PPPOED,
ETT_PPPOED_TAGS,
ETT_PPPOES,
ETT_LCP,
ETT_IPCP,
ETT_RSVP,
ETT_RSVP_UNKNOWN_CLASS,
ETT_RSVP_HDR,
ETT_RSVP_SESSION,
ETT_RSVP_SGROUP,
ETT_RSVP_HOP,
ETT_RSVP_INTEGRITY,
ETT_RSVP_TIME_VALUES,
ETT_RSVP_ERROR,
ETT_RSVP_SCOPE,
ETT_RSVP_STYLE,
ETT_RSVP_FLOWSPEC,
ETT_RSVP_FILTER_SPEC,
ETT_RSVP_SENDER_TEMPLATE,
ETT_RSVP_SENDER_TSPEC,
ETT_RSVP_ADSPEC,
ETT_RSVP_POLICY,
ETT_RSVP_CONFIRM,
ETT_RSVP_ADSPEC_SUBTREE1,
ETT_RSVP_ADSPEC_SUBTREE2,
ETT_RSVP_ADSPEC_SUBTREE3,
ETT_RTSP,
ETT_SDP,
ETT_RADIUS,
ETT_RADIUS_AVP,
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
ETT_LAPB,
ETT_X25,
Add a "dissect_xdlc_control()" routine, to dissect the control field of SDLC-derived protocols such as HDLC and derivatives of it such as LAPB, IEEE 802.2 LLC, and so on. Have the LLC and LAPB dissectors use it. Make "dissect_numeric_bitfield()" put the low-order bit of the bitfield in the low-order bit of an integer when printing it, so that the right value is printed. svn path=/trunk/; revision=434
1999-08-04 04:37:46 +00:00
ETT_XDLC_CONTROL,
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
NUM_TREE_TYPES /* last item number plus one */
};
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
Add a routine to dissect IP or TCP options (and, from a look at RFC 1883, it should, perhaps with some additions, be able to handle IPv6 options as well). Make the IPv4 and TCP dissectors use it. Fix a typo in the IP dissector ("Unknon" for "Unknown"). Show the IP and TCP header lengths as byte counts rather than 4-byte-word counts. Show the protocol field value of an IP header as a name if it's a protocol we know about. List the acknowledgment and urgent pointer values in a TCP header only if the corresponding flag is set. Make the ETT_ values members of an enum, so that the compiler automatically assigns them sequential integer values (at least if said compiler conforms to the ANSI C standard). svn path=/trunk/; revision=45
1998-10-13 05:40:04 +00:00
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/* Utility routines used by packet*.c */
Neither "ether_to_str()" nor "ip_to_str()" modify the data pointed to by their arguments, so make those arguments pointers to 'const", so that we don't get complaints if somebody hands them a pointer to "const". svn path=/trunk/; revision=158
1999-01-05 07:33:38 +00:00
gchar* ether_to_str(const guint8 *);
gchar* ip_to_str(const guint8 *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
gchar* abs_time_to_str(struct timeval*);
Added guy's time and DHCP patch. svn path=/trunk/; revision=177
1999-01-28 21:29:36 +00:00
gchar* time_secs_to_str(guint32);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
gchar* bytes_to_str(const guint8 *, int);
Changes to the routines to help decode text-oriented protocols (FTP, SMTP, POP, HTTP, etc.) for the benefit of Richard Sharpe's FTP and POP dissectors. svn path=/trunk/; revision=233
1999-03-30 04:41:01 +00:00
const u_char *find_line_end(const u_char *data, const u_char *dataend,
const u_char **eol);
int get_token_len(const u_char *linep, const u_char *lineend,
const u_char **next_token);
gchar* format_text(const u_char *line, int len);
Add the "Maximize security" type of service for IP, from RFC 1455. Make the arguments to "val_to_str()" and "match_strval()" that point to things those routines don't modify pointers to "const", and make the "value_string" tables passed into those routines in "packet-ip.c" "const". svn path=/trunk/; revision=72
1998-10-28 01:16:49 +00:00
gchar* val_to_str(guint32, const value_string *, const char *);
gchar* match_strval(guint32, const value_string*);
Move the bitfield-decoding routines to "packet.h", along with other helper routines for packet dissecting, and away from "util.c", which is now all GUI-related. (Among other things, this makes life more pleasant for Gilbert Ramirez's "tethereal" stuff, although a lot more separation of GUI from other stuff needs to be done to make that - or a "curses"-based variant of Ethereal, or a variant using some other GUI toolkit - work smoothly.) svn path=/trunk/; revision=235
1999-03-31 08:20:28 +00:00
const char *decode_boolean_bitfield(guint32 val, guint32 mask, int width,
const char *truedesc, const char *falsedesc);
const char *decode_enumerated_bitfield(guint32 val, guint32 mask, int width,
const value_string *tab, const char *fmt);
const char *decode_numeric_bitfield(guint32 val, guint32 mask, int width,
const char *fmt);
* Added column formatting functionality. * Added check_col(), add_col_str() and add_col_fmt() to replace references to ft->win_info. * Added column prefs handling code. svn path=/trunk/; revision=97
1998-11-17 04:29:13 +00:00
gint check_col(frame_data *, gint);
#if __GNUC__ == 2
void col_add_fstr(frame_data *, gint, gchar *, ...)
__attribute__((format (printf, 3, 4)));
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
void col_append_fstr(frame_data *, gint, gchar *, ...)
__attribute__((format (printf, 3, 4)));
* Added column formatting functionality. * Added check_col(), add_col_str() and add_col_fmt() to replace references to ft->win_info. * Added column prefs handling code. svn path=/trunk/; revision=97
1998-11-17 04:29:13 +00:00
#else
void col_add_fstr(frame_data *, gint, gchar *, ...);
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
void col_append_fstr(frame_data *, gint, gchar *, ...);
* Added column formatting functionality. * Added check_col(), add_col_str() and add_col_fmt() to replace references to ft->win_info. * Added column prefs handling code. svn path=/trunk/; revision=97
1998-11-17 04:29:13 +00:00
#endif
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void col_add_str(frame_data *, gint, const gchar *);
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
void col_append_str(frame_data *, gint, gchar *);
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
Some more updates. Now have open_andx decoded mostly ... Still some funnies and some difficult things. I should not have blown away any of Gilbert's stuff this time around ... Hope not anyway ... svn path=/trunk/; revision=357
1999-07-12 14:26:16 +00:00
void dissect_packet(const u_char *, frame_data *, proto_tree *);
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
/*
* Routines in packet-*.c
* Routines should take three args: packet data *, cap_len, packet_counts *
* They should never modify the packet data.
*/
Patches from Thierry Andry to support Classical IP captures from systems with the ATM on Linux software from <http://lrcwww.epfl.ch/linux-atm/>. svn path=/trunk/; revision=401
1999-07-28 23:16:42 +00:00
void capture_clip(const u_char *, guint32, packet_counts *);
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
void capture_eth(const u_char *, guint32, packet_counts *);
void capture_fddi(const u_char *, guint32, packet_counts *);
void capture_null(const u_char *, guint32, packet_counts *);
void capture_ppp(const u_char *, guint32, packet_counts *);
void capture_raw(const u_char *, guint32, packet_counts *);
void capture_tr(const u_char *, guint32, packet_counts *);
/*
* Routines in packet-*.c
* Routines should take four args: packet data *, offset, cap_len,
* packet_counts *
* They should never modify the packet data.
*/
Jeff Foster's changes to add support for NetBEUI/NBF (NetBIOS atop 802.2 LLC, the original NetBIOS encapsulation). svn path=/trunk/; revision=466
1999-08-10 20:06:39 +00:00
void capture_netbios(const u_char *, int, guint32, packet_counts *);
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
void capture_llc(const u_char *, int, guint32, packet_counts *);
void capture_ip(const u_char *, int, guint32, packet_counts *);
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/*
* Routines in packet-*.c
* Routines should take three args: packet data *, frame_data *, tree *
* They should never modify the packet data.
*/
Patches from Thierry Andry to support Classical IP captures from systems with the ATM on Linux software from <http://lrcwww.epfl.ch/linux-atm/>. svn path=/trunk/; revision=401
1999-07-28 23:16:42 +00:00
void dissect_clip(const u_char *, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_eth(const u_char *, frame_data *, proto_tree *);
void dissect_fddi(const u_char *, frame_data *, proto_tree *);
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
void dissect_lapb(const u_char *, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_null(const u_char *, frame_data *, proto_tree *);
void dissect_ppp(const u_char *, frame_data *, proto_tree *);
void dissect_raw(const u_char *, frame_data *, proto_tree *);
void dissect_tr(const u_char *, frame_data *, proto_tree *);
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
/*
* Routines in packet-*.c
* Routines should take four args: packet data *, offset, frame_data *,
* tree *
* They should never modify the packet data.
*/
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
int dissect_ah(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_aarp(const u_char *, int, frame_data *, proto_tree *);
void dissect_arp(const u_char *, int, frame_data *, proto_tree *);
void dissect_bootp(const u_char *, int, frame_data *, proto_tree *);
void dissect_cdp(const u_char *, int, frame_data *, proto_tree *);
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
void dissect_cotp(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_data(const u_char *, int, frame_data *, proto_tree *);
void dissect_ddp(const u_char *, int, frame_data *, proto_tree *);
void dissect_dns(const u_char *, int, frame_data *, proto_tree *);
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
void dissect_esp(const u_char *, int, frame_data *, proto_tree *);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_ftp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ftpdata(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_giop(const u_char *, int, frame_data *, proto_tree *);
void dissect_http(const u_char *, int, frame_data *, proto_tree *);
void dissect_icmp(const u_char *, int, frame_data *, proto_tree *);
Jun-ichiro's IPv6 patch is merged in with ethereal and now uses the new proto*() functions. The configure script tries to use ipv6 name resolution if it knows the type of ipv6 stack the user has (this can be avoided with the --disable-ipv6 switch) Additionally, the configure script now deals with wiretap better. If the user doesn't want to compile wiretap, the wiretap is never visited. A few unnecessary #includes were removed from some wiretap files, and a CPP macro was moved from bpf.c to wtap.h. svn path=/trunk/; revision=229
1999-03-28 18:32:03 +00:00
void dissect_icmpv6(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_igmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_ip(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipv6(const u_char *, int, frame_data *, proto_tree *);
void dissect_ipx(const u_char *, int, frame_data *, proto_tree *);
void dissect_llc(const u_char *, int, frame_data *, proto_tree *);
void dissect_lpd(const u_char *, int, frame_data *, proto_tree *);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_nbdgm(const u_char *, int, frame_data *, proto_tree *);
Jeff Foster's changes to add support for NetBEUI/NBF (NetBIOS atop 802.2 LLC, the original NetBIOS encapsulation). svn path=/trunk/; revision=466
1999-08-10 20:06:39 +00:00
void dissect_netbios(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_nbipx_ns(const u_char *, int, frame_data *, proto_tree *, int);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_nbns(const u_char *, int, frame_data *, proto_tree *);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_nbss(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_ncp(const u_char *, int, frame_data *, proto_tree *, int);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_nntp(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_nwlink_dg(const u_char *, int, frame_data *, proto_tree *, int);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_osi(const u_char *, int, frame_data *, proto_tree *);
void dissect_ospf(const u_char *, int, frame_data *, proto_tree *);
void dissect_ospf_hello(const u_char *, int, frame_data *, proto_tree *);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_pop(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_pppoed(const u_char *, int, frame_data *, proto_tree *);
void dissect_pppoes(const u_char *, int, frame_data *, proto_tree *);
void dissect_isakmp(const u_char *, int, frame_data *, proto_tree *);
void dissect_radius(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_rip(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_rsvp(const u_char *, int, frame_data *, proto_tree *);
void dissect_rtsp(const u_char *, int, frame_data *, proto_tree *);
void dissect_sdp(const u_char *, int, frame_data *, proto_tree *);
void dissect_snmp(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_tcp(const u_char *, int, frame_data *, proto_tree *);
Declare the "packet_info" structure "pi" in "packet.h", rather than in a bunch of source files. Replace the "payload" field of a "packet_info" structure with "len" and "captured_len" fields, which contain the total packet length and total captured packet length (including all headers) at the current protocol layer (i.e., if a given layer has a length field, and that length field says its shorter than the length we got from the capture, reduce the "pi.len" and "pi.captured_len" values appropriately). Those fields can be used in the future if we add checks to make sure a field we're extracting from a packet doesn't go past the end of the packet, or past the captured part of the packet. Get rid of the additional payload argument to some dissection functions; use "pi.captured_len - offset" instead. Have the END_OF_FRAME macro use "pi.captured_len" rather than "fd->cap_len", so that "dissect the rest of the frame" becomes "dissect the rest of the packet", and doesn't dissect end-of-frame padding such as padding added to make an Ethernet frame 60 or more octets long. (We might want to rename it END_OF_PACKET; if we ever want to label the end-of-frame padding for the benefit of people curious what that extra gunk is, we could have a separate END_OF_FRAME macro that uses "fd->cap_len".) svn path=/trunk/; revision=506
1999-08-18 00:57:54 +00:00
void dissect_telnet(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_tftp(const u_char *, int, frame_data *, proto_tree *);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
void dissect_trmac(const u_char *, int, frame_data *, proto_tree *);
void dissect_udp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_arp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_frp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_icp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_ipc(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_rtp(const u_char *, int, frame_data *, proto_tree *);
void dissect_vines_spp(const u_char *, int, frame_data *, proto_tree *);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_payload_ppp(const u_char *, int, frame_data *, proto_tree *);
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
void dissect_x25(const u_char *, int, frame_data *, proto_tree *);
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
Added initial support for SMB plus most of negprot decode .. svn path=/trunk/; revision=258
1999-05-09 04:16:36 +00:00
void dissect_smb(const u_char *, int, frame_data *, proto_tree *, int);
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
void dissect_pptp(const u_char *, int, frame_data *, proto_tree *);
void dissect_gre(const u_char *, int, frame_data *, proto_tree *);
Add support for the NetBIOS Session Service. Improve the descriptions of the NetBIOS Name Service errors a bit. svn path=/trunk/; revision=247
1999-04-30 03:16:03 +00:00
Added Richard Sharpe's TFTP support. svn path=/trunk/; revision=190
1999-02-15 06:36:57 +00:00
void init_dissect_udp(void);
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see http://www.radcom-inc.com/ ). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may be able to combine some of the LLC dissection and the LAPB dissection into common code that could, conceivably be used for other SDLC-flavored protocols. Make "S" a mnemonic for "Summary" in the "Tools" menu. Move the routine, used for the "Tools/Summary" display, that turns a wiretap file type into a descriptive string for it into the wiretap library itself, expand on some of its descriptions, and add an entry for files from a RADCOM analyzer. Have "Tools/Summary" display the snapshot length for the capture. svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
void init_dissect_x25(void);
Added Richard Sharpe's TFTP support. svn path=/trunk/; revision=190
1999-02-15 06:36:57 +00:00
Add a routine to convert Ethernet packet types to strings. Use that routine in "ethertype()". Have "dissect_arp()" handle hardware addresses that aren't 6-byte Ethernet addresses and protocol addresses that aren't 4-byte IPv4 addresses - currently, it just prints the first 16 hex digits, but it could be made to handle other types specially just as it handles 6-byte Ethernet and 4-byte IPv4 addresses. Have it decode a more complete set of hardware address types. svn path=/trunk/; revision=78
1998-11-03 07:45:10 +00:00
/* These functions are in ethertype.c */
When doing a capture, decode enough of the incoming packets to correctly update the packet counts and percentages in the dialog box popped up during a capture, even for non-Ethernet captures. svn path=/trunk/; revision=184
1999-02-09 00:35:38 +00:00
void capture_ethertype(guint16 etype, int offset,
const u_char *pd, guint32 cap_len, packet_counts *ld);
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
void ethertype(guint16 etype, int offset,
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
const u_char *pd, frame_data *fd, proto_tree *tree,
Fixed packet.h for good. svn path=/trunk/; revision=358
1999-07-12 21:39:28 +00:00
proto_tree *fh_tree, int item_id);
extern const value_string etype_vals[];
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
Added guy's time and DHCP patch. svn path=/trunk/; revision=177
1999-01-28 21:29:36 +00:00
/* These functions are in packet-arp.c */
gchar *arphrdaddr_to_str(guint8 *ad, int ad_len, guint16 type);
gchar *arphrdtype_to_str(guint16 hwtype, const char *fmt);
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
/*
* All of the possible columns in summary listing.
*
* NOTE: The SRC and DST entries MUST remain in this order, or else you
* need to fix the offset #defines before get_column_format!
*/
enum {
COL_NUMBER, /* Packet list item number */
COL_CLS_TIME, /* Command line-specified time (default relative) */
COL_REL_TIME, /* Relative time */
COL_ABS_TIME, /* Absolute time */
COL_DELTA_TIME, /* Delta time */
COL_DEF_SRC, /* Source address */
COL_RES_SRC, /* Resolved source */
COL_UNRES_SRC, /* Unresolved source */
COL_DEF_DL_SRC, /* Data link layer source address */
COL_RES_DL_SRC, /* Resolved DL source */
COL_UNRES_DL_SRC, /* Unresolved DL source */
COL_DEF_NET_SRC, /* Network layer source address */
COL_RES_NET_SRC, /* Resolved net source */
COL_UNRES_NET_SRC, /* Unresolved net source */
COL_DEF_DST, /* Destination address */
COL_RES_DST, /* Resolved dest */
COL_UNRES_DST, /* Unresolved dest */
COL_DEF_DL_DST, /* Data link layer dest address */
COL_RES_DL_DST, /* Resolved DL dest */
COL_UNRES_DL_DST, /* Unresolved DL dest */
COL_DEF_NET_DST, /* Network layer dest address */
COL_RES_NET_DST, /* Resolved net dest */
COL_UNRES_NET_DST, /* Unresolved net dest */
COL_DEF_SRC_PORT, /* Source port */
COL_RES_SRC_PORT, /* Resolved source port */
COL_UNRES_SRC_PORT, /* Unresolved source port */
COL_DEF_DST_PORT, /* Destination port */
COL_RES_DST_PORT, /* Resolved dest port */
COL_UNRES_DST_PORT, /* Unresolved dest port */
COL_PROTOCOL, /* Protocol */
COL_INFO, /* Description */
Added "Packet Length in bytes" as an optional column. svn path=/trunk/; revision=375
1999-07-22 16:03:52 +00:00
COL_PACKET_LENGTH, /* Packet length in bytes */
Removed all references to gtk objects from packet*.[ch] files. They now reference the protocol tree with struct proto_tree and struct proto_item objects. That way, the packet decoding source code file can be used with non-gtk packet decoders, like a curses-based ethereal, e.g. I also re-arranged some of the information in packet.h to more appropriate places (like other packet-*.[ch] files). svn path=/trunk/; revision=223
1999-03-23 03:14:46 +00:00
NUM_COL_FMTS /* Should always be last */
};
Initial revision svn path=/trunk/; revision=2
1998-09-16 02:39:15 +00:00
#endif /* packet.h */